* Heikki Linnakangas (hlinn...@iki.fi) wrote: > I'm not sure how expensive a brute force attack on SRP would be, > using a stolen backup tape. There doesn't seem to be an iterations > count similar to SCRAM. But note that SRP's resistance to > brute-forcing the authentication handshake is of a different kind. > It's not just expensive, but outright impossible. (Don't ask me how > that works; I'm not well-versed in the maths involved.) That's a big > advantage because it means that it's OK to use a fairly weak > password like 'foobar123' that would be trivially cracked with a > dictionary attack.
If it's actually impossible then that's certainly interesting.. I don't get how that's possible, but ok. > (You can still connect to the server and try > different passwords, but the server can log that and throttle how > many guesses / minute it let's you do) Wouldn't that be nice... Wish we did it. :( Thanks, Stephen
Description: Digital signature